Wireshark dissector plugin for the Dynamic Link Exchange Protocol (DLEP).
The following instructions are tailored and tested for Ubuntu 20.04 64-bit Desktop and Wireshark 3.2.3:
- Install wireshark together with dependencies and wireshark-dev package:
sudo apt install wireshark wireshark-dev- Checkout plugin source, build and install:
git clone [email protected]:kylex2/dlep-wireshark-dissector.git
cd dlep-wireshark-dissector/
mkdir build && cd build
cmake ..
make
mkdir -p ~/.local/lib/wireshark/plugins/3.2/epan
cp dlep.so ~/.local/lib/wireshark/plugins/3.2/epan/-
Verify installation by confirming that the plugin is listed in the following Wireshark menu:
Help -> About Wireshark -> Plugins -
Open up a sample capture file:
wireshark plugins/epan/dlep/test/capture1.pcapng -
There are two preferences that adjust the TCP port and UDP port associated with DLEP packets. User preferences for this plugin may be set in the following menu:
Edit -> Preferences... -> Protocols -> DLEP
Sample DLEP capture files and a README are located in dlep/test.
The capture files may be opened in Wireshark as an example capture or used for fuzz-testing the plugin.
- This dissector plugin adheres to RFC 8175.
- This plugin attempts to decode all Data Items within a DLEP Signal or Message. While unrecognized Data Items are reported as such, invalid or disallowed duplicate Data Items are not indicated (Section 12.1 of RFC 8175).
- This plugin does not dissect Data Items belonging to DLEP extensions -- such Data Items are marked as "Unknown".
- While DLEP TCP/UDP ports are configurable via user preferences, this plugin does not dynamically register ports provided by IPv4/6 Connection Point Data Items.
- This plugin does not perform TCP segment reassembly. DLEP messages are assumed to not exceed the MTU of the link between a modem and router participating in the DLEP Session.